首页 > 最新文献

IET Inf. Secur.最新文献

英文 中文
Multidimensional zero-correlation linear cryptanalysis of the block cipher KASUMI 分组密码KASUMI的多维零相关线性密码分析
Pub Date : 2014-04-24 DOI: 10.1049/IET-IFS.2014.0543
Wentan Yi, Shaozhen Chen
The block cipher KASUMI is widely used for security in many synchronous wireless standards. It was proposed by ETSI SAGE for usage in 3GPP (3rd Generation Partnership Project) ciphering algorthms in 2001. There are a great deal of cryptanalytic results on KASUMI, however, its security evaluation against the recent zero-correlation linear attacks is still lacking so far. In this paper, we select some special input masks to refine the general 5-round zero-correlation linear approximations combining with some observations on the $FL$ functions and then propose the 6-round zero-correlation linear attack on KASUMI. Moreover, zero-correlation linear attacks on the last 7-round KASUMI are also introduced under some weak keys conditions. These weak keys take $2^{-14}$ of the whole key space. The new zero-correlation linear attack on the 6-round needs about $2^{85}$ encryptions with $2^{62.8}$ known plaintexts. For the attack under weak keys conditions on the last 7 round, the data complexity is about $2^{62.1}$ known plaintexts and the time complexity $2^{110.5}$ encryptions.
分组密码KASUMI在许多同步无线标准中广泛用于安全。它是由ETSI SAGE于2001年提出的,用于3GPP(第三代合作伙伴计划)加密算法。在KASUMI上已经有了大量的密码分析结果,但是对于最近出现的零相关线性攻击,KASUMI的安全性评估仍然缺乏。在本文中,我们选择一些特殊的输入掩模,结合对$FL$函数的一些观察,对一般的5轮零相关线性逼近进行细化,然后提出对KASUMI的6轮零相关线性攻击。此外,在一些弱密钥条件下,还引入了对最后7轮KASUMI的零相关线性攻击。这些弱密钥占用整个密钥空间的$2^{-14}$。新的6轮零相关线性攻击需要大约$2^{85}$加密和$2^{62.8}$已知明文。对于最后7轮弱密钥条件下的攻击,数据复杂度约为$2^{62.1}$已知明文,时间复杂度约为$2^{110.5}$加密。
{"title":"Multidimensional zero-correlation linear cryptanalysis of the block cipher KASUMI","authors":"Wentan Yi, Shaozhen Chen","doi":"10.1049/IET-IFS.2014.0543","DOIUrl":"https://doi.org/10.1049/IET-IFS.2014.0543","url":null,"abstract":"The block cipher KASUMI is widely used for security in many synchronous wireless standards. It was proposed by ETSI SAGE for usage in 3GPP (3rd Generation Partnership Project) ciphering algorthms in 2001. There are a great deal of cryptanalytic results on KASUMI, however, its security evaluation against the recent zero-correlation linear attacks is still lacking so far. In this paper, we select some special input masks to refine the general 5-round zero-correlation linear approximations combining with some observations on the $FL$ functions and then propose the 6-round zero-correlation linear attack on KASUMI. Moreover, zero-correlation linear attacks on the last 7-round KASUMI are also introduced under some weak keys conditions. These weak keys take $2^{-14}$ of the whole key space. \u0000The new zero-correlation linear attack on the 6-round needs about $2^{85}$ encryptions with $2^{62.8}$ known plaintexts. For the attack under weak keys conditions on the last 7 round, the data complexity is about $2^{62.1}$ known plaintexts and the time complexity $2^{110.5}$ encryptions.","PeriodicalId":13305,"journal":{"name":"IET Inf. Secur.","volume":"57 1","pages":"215-221"},"PeriodicalIF":0.0,"publicationDate":"2014-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90706941","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 19
uCloud: a user-centric key management scheme for cloud data protection uCloud:以用户为中心的云数据保护密钥管理方案
Pub Date : 2013-06-20 DOI: 10.1049/iet-ifs.2012.0198
Yung-Wei Kao, Kuan-Ying Huang, Hui-Zhen Gu, S. Yuan
One of the most challenging problems of cloud service solicitation is to persuade users to trust the security of cloud service and upload their sensitive data. Although cloud service providers can claim that their services are well-protected by elaborate encryption mechanisms, traditional cloud systems still cannot persuade the users that even if the cloud servers are compromised, the data are still securely protected. This study proposes uCloud, a user-centric key management scheme for cloud data protection, to solve this problem. uCloud utilises RSA and indirectly encrypts users' data by users' public keys, but stores the users' private keys on neither servers nor users' PCs; instead, the private keys are stored on users' mobile devices and presented via two-dimensional (2D) barcode images when they are utilised to decrypt users' sensitive data. In this manner, users' data are safely protected even if the cloud servers are compromised. Also, uCloud provides users with the experience of managing visible private keys by storing the keys into mobile phones and displaying them via 2D barcodes. Moreover, three scenarios: personal storage, home surveillance and enterprise storage scenarios are proposed to present the practicability of uCloud. In addition, a hierarchical structure is designed for basic key backup and data sharing in the proposed scheme.
如何说服用户相信云服务的安全性并上传其敏感数据是云服务征集中最具挑战性的问题之一。虽然云服务提供商可以声称他们的服务受到精心设计的加密机制的良好保护,但传统的云系统仍然无法说服用户,即使云服务器遭到破坏,数据仍然受到安全保护。为了解决这一问题,本研究提出了以用户为中心的云数据保护密钥管理方案uCloud。uCloud利用RSA,通过用户的公钥间接加密用户的数据,但用户的私钥既不存储在服务器上,也不存储在用户的pc上;取而代之的是,私钥存储在用户的移动设备上,当它们被用来解密用户的敏感数据时,它们会以二维条形码图像的形式呈现。这样,即使云服务器受到威胁,用户的数据也能得到安全保护。此外,uCloud还将密钥存储在手机上,并通过二维条形码显示,为用户提供了管理可见私钥的体验。并提出了个人存储、家庭监控和企业存储三种场景来展示uCloud的实用性。此外,该方案还设计了一种分层结构,用于基础密钥备份和数据共享。
{"title":"uCloud: a user-centric key management scheme for cloud data protection","authors":"Yung-Wei Kao, Kuan-Ying Huang, Hui-Zhen Gu, S. Yuan","doi":"10.1049/iet-ifs.2012.0198","DOIUrl":"https://doi.org/10.1049/iet-ifs.2012.0198","url":null,"abstract":"One of the most challenging problems of cloud service solicitation is to persuade users to trust the security of cloud service and upload their sensitive data. Although cloud service providers can claim that their services are well-protected by elaborate encryption mechanisms, traditional cloud systems still cannot persuade the users that even if the cloud servers are compromised, the data are still securely protected. This study proposes uCloud, a user-centric key management scheme for cloud data protection, to solve this problem. uCloud utilises RSA and indirectly encrypts users' data by users' public keys, but stores the users' private keys on neither servers nor users' PCs; instead, the private keys are stored on users' mobile devices and presented via two-dimensional (2D) barcode images when they are utilised to decrypt users' sensitive data. In this manner, users' data are safely protected even if the cloud servers are compromised. Also, uCloud provides users with the experience of managing visible private keys by storing the keys into mobile phones and displaying them via 2D barcodes. Moreover, three scenarios: personal storage, home surveillance and enterprise storage scenarios are proposed to present the practicability of uCloud. In addition, a hierarchical structure is designed for basic key backup and data sharing in the proposed scheme.","PeriodicalId":13305,"journal":{"name":"IET Inf. Secur.","volume":"43 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2013-06-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89810786","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 29
Oblivious decision program evaluation 遗忘决策程序评价
Pub Date : 2013-06-20 DOI: 10.1049/iet-ifs.2012.0032
Salman Niksefat, B. Sadeghiyan, Payman Mohassel
In this study, the authors design efficient protocols for a number of `oblivious decision program (DP) evaluation' problems. Consider a general form of the problem where a client who holds a private input interacts with a server who holds a private DP (e.g. a decision tree or a branching program) with the goal of evaluating his input on the DP without learning any additional information. Many known private database query problems such as symmetric private information retrieval and private keyword search can be formulated as special cases of this problem. Most of the existing works on the same problem focus on optimising communication. However, in some environments (supported by a few experimental studies), it is the computation and not the communication that may be the performance bottleneck. In this study, we design `computationally efficient' protocols for the above general problem, and a few of its special cases. In addition to being one-round and requiring a small amount of work by the client (in the RAM model), the proposed protocols only require a small number of exponentiations (independent of the server's input) by both parties. The proposed constructions are, in essence, efficient and black-box reductions of the above problem to 1-out-of-2 oblivious transfer. It is proved that the proposed protocols secure (private) against `malicious' adversaries in the standard ideal/real-world simulation-based paradigm.
在这项研究中,作者设计了一些“遗忘决策计划(DP)评估”问题的有效协议。考虑一个问题的一般形式,其中持有私有输入的客户机与持有私有DP(例如决策树或分支程序)的服务器进行交互,目的是在不了解任何额外信息的情况下评估其在DP上的输入。许多已知的私有数据库查询问题,如对称私有信息检索和私有关键字搜索,都可以表述为该问题的特殊情况。针对这一问题的现有研究大多侧重于优化通信。然而,在某些环境中(得到一些实验研究的支持),性能瓶颈可能是计算而不是通信。在本研究中,我们针对上述一般问题及其一些特殊情况设计了“计算效率高”的协议。除了需要客户端进行一轮的少量工作(在RAM模型中)之外,提议的协议只需要双方进行少量的幂运算(与服务器的输入无关)。从本质上讲,所提出的结构是上述问题的有效和黑盒化简到1-out- 2遗忘转移。在标准的理想/现实世界模拟范例中,证明了所提出的协议对“恶意”对手的安全(私有)。
{"title":"Oblivious decision program evaluation","authors":"Salman Niksefat, B. Sadeghiyan, Payman Mohassel","doi":"10.1049/iet-ifs.2012.0032","DOIUrl":"https://doi.org/10.1049/iet-ifs.2012.0032","url":null,"abstract":"In this study, the authors design efficient protocols for a number of `oblivious decision program (DP) evaluation' problems. Consider a general form of the problem where a client who holds a private input interacts with a server who holds a private DP (e.g. a decision tree or a branching program) with the goal of evaluating his input on the DP without learning any additional information. Many known private database query problems such as symmetric private information retrieval and private keyword search can be formulated as special cases of this problem. Most of the existing works on the same problem focus on optimising communication. However, in some environments (supported by a few experimental studies), it is the computation and not the communication that may be the performance bottleneck. In this study, we design `computationally efficient' protocols for the above general problem, and a few of its special cases. In addition to being one-round and requiring a small amount of work by the client (in the RAM model), the proposed protocols only require a small number of exponentiations (independent of the server's input) by both parties. The proposed constructions are, in essence, efficient and black-box reductions of the above problem to 1-out-of-2 oblivious transfer. It is proved that the proposed protocols secure (private) against `malicious' adversaries in the standard ideal/real-world simulation-based paradigm.","PeriodicalId":13305,"journal":{"name":"IET Inf. Secur.","volume":"19 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2013-06-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78077689","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
On the approximation of S-boxes via Maiorana-McFarland functions 用Maiorana-McFarland函数逼近s -box
Pub Date : 2013-06-01 DOI: 10.1049/iet-ifs.2012.0169
Yongzhuang Wei, E. Pasalic
Substitution boxes (S-boxes) are the key components of conventional cryptographic systems. To quantify the confusion property of S-boxes, different non-linearity criteria are proposed such as usual non-linearity (NF ), unrestricted non-linearity (UN F ), generalised non-linearity (GN F ), higher order non-linearity (HN F ) and so on. Although these different criteria come from the idea of linear (or non-linear) approximation of S-boxes, the algebraic structures of Boolean functions that are used to approximate to S-boxes have not been considered yet. In this study, the concept of the extended non-linearity of S-boxes (denoted by EN F ) is introduced by measuring the distance of a given function to a subset of Maiorana–McFarland functions. This approximation appears to be appealing because of a particular structure of this class of functions, namely their representation as a concatenation of affine functions. The complexity of computing the rth order extended non-linearity for S-boxes over GF(2) n is less than O(( n r )2 n−r ), (r > 1). Moreover, a theoretical upper bound for the rth order extended non-linearity is proved, which is much lower than previous generalised non-linearity which might give a rise to more efficient attacks that combine a generalised correlation approach with guess and determine techniques. Furthermore, the relationship between the r-order extended non-linearity and the generalised non-linearity is derived.
替换盒(s -box)是传统密码系统的关键组成部分。为了量化s -box的混淆特性,提出了通常非线性(NF)、无限制非线性(UN F)、广义非线性(GN F)、高阶非线性(HN F)等不同的非线性准则。尽管这些不同的准则来自于s盒的线性(或非线性)逼近的思想,但用于逼近s盒的布尔函数的代数结构尚未被考虑。本文通过测量给定函数到Maiorana-McFarland函数子集的距离,引入了s -box扩展非线性的概念(用enf表示)。这种近似看起来很吸引人,因为这类函数的特殊结构,即它们作为仿射函数的串联表示。计算GF(2) n上s -box的第n阶扩展非线性的复杂性小于O((n r)2 n−r), (r > 1)。此外,证明了第n阶扩展非线性的理论上界,这比以前的广义非线性低得多,这可能会导致将广义相关方法与猜测和确定技术相结合的更有效的攻击。进一步推导了r阶扩展非线性与广义非线性之间的关系。
{"title":"On the approximation of S-boxes via Maiorana-McFarland functions","authors":"Yongzhuang Wei, E. Pasalic","doi":"10.1049/iet-ifs.2012.0169","DOIUrl":"https://doi.org/10.1049/iet-ifs.2012.0169","url":null,"abstract":"Substitution boxes (S-boxes) are the key components of conventional cryptographic systems. To quantify the confusion property of S-boxes, different non-linearity criteria are proposed such as usual non-linearity (NF ), unrestricted non-linearity (UN F ), generalised non-linearity (GN F ), higher order non-linearity (HN F ) and so on. Although these different criteria come from the idea of linear (or non-linear) approximation of S-boxes, the algebraic structures of Boolean functions that are used to approximate to S-boxes have not been considered yet. In this study, the concept of the extended non-linearity of S-boxes (denoted by EN F ) is introduced by measuring the distance of a given function to a subset of Maiorana–McFarland functions. This approximation appears to be appealing because of a particular structure of this class of functions, namely their representation as a concatenation of affine functions. The complexity of computing the rth order extended non-linearity for S-boxes over GF(2) n is less than O(( n r )2 n−r ), (r > 1). Moreover, a theoretical upper bound for the rth order extended non-linearity is proved, which is much lower than previous generalised non-linearity which might give a rise to more efficient attacks that combine a generalised correlation approach with guess and determine techniques. Furthermore, the relationship between the r-order extended non-linearity and the generalised non-linearity is derived.","PeriodicalId":13305,"journal":{"name":"IET Inf. Secur.","volume":"17 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2013-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89960106","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Palindromic-like representation for Gaussian normal basis multiplier over GF(2m) with odd type t GF(2m)上具有奇数型t的高斯正态基乘法器的似回文表示
Pub Date : 2012-12-01 DOI: 10.1049/iet-ifs.2012.0200
C. Chiou, Tai-Pao Chuang, Shun-Shii Lin, Chiou-Yng Lee, Jim-Min Lin, Yun-Chi Yeh
Palindromic representation is generally used to reduce space and time complexities in Gaussian normal basis (GNB) multiplier with even type t. However, palindromic representation is inapplicable for a GNB multiplier with odd type t ($t geq 2$). This study therefore develops a palindromic-like representation for a GNB multiplier with odd type t. The proposed systolic GNB multiplier with odd type t reduces space and time complexities by as much as 50% compared with conventional GNB multiplier with odd type t without palindromic representation.
对于t为偶数的高斯正态基乘法器,通常采用回文表示法来降低空间和时间复杂度,但对于t为奇数的高斯正态基乘法器,回文表示法不适用($t geq 2$)。因此,本研究为具有奇数型t的GNB乘数开发了类似回文的表示。建议的具有奇数型t的收缩期GNB乘数可将空间和时间复杂性降低多达50%% compared with conventional GNB multiplier with odd type t without palindromic representation.
{"title":"Palindromic-like representation for Gaussian normal basis multiplier over GF(2m) with odd type t","authors":"C. Chiou, Tai-Pao Chuang, Shun-Shii Lin, Chiou-Yng Lee, Jim-Min Lin, Yun-Chi Yeh","doi":"10.1049/iet-ifs.2012.0200","DOIUrl":"https://doi.org/10.1049/iet-ifs.2012.0200","url":null,"abstract":"Palindromic representation is generally used to reduce space and time complexities in Gaussian normal basis (GNB) multiplier with even type t. However, palindromic representation is inapplicable for a GNB multiplier with odd type t ($t geq 2$). This study therefore develops a palindromic-like representation for a GNB multiplier with odd type t. The proposed systolic GNB multiplier with odd type t reduces space and time complexities by as much as 50% compared with conventional GNB multiplier with odd type t without palindromic representation.","PeriodicalId":13305,"journal":{"name":"IET Inf. Secur.","volume":"42 2 1","pages":"318-323"},"PeriodicalIF":0.0,"publicationDate":"2012-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88170195","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Dynamic and secure key management model for hierarchical heterogeneous sensor networks 分层异构传感器网络的动态安全密钥管理模型
Pub Date : 2012-12-01 DOI: 10.1049/iet-ifs.2012.0144
Mahdi R. Alaghband, M. Aref
Many applications that utilise wireless sensor networks (WSNs) require essentially secure communication. However, WSNs suffer from some inherent weaknesses because of restricted communication and hardware capabilities. Key management is the crucial important building block for all security goals in WSNs. Most existing researches tried to assign keys assuming homogeneous network architecture. Recently, a few key management models for heterogeneous WSNs have been proposed. In this study, the authors propose a dynamic key management framework based on elliptical curve cryptography and signcryption method for heterogeneous WSNs. The proposed scheme has network scalability and sensor node (SN) mobility especially in liquid environments. Moreover, both periodic authentication and a new registration mechanism are proposed through prevention of SN compromise. The authors analyse some of the more seminal hierarchical heterogeneous WSN key management schemes and compare them with the proposed scheme. On comparing the proposed scheme with the more seminal hierarchical heterogeneous WSN key management schemes, the proposed framework individually proves to be better in terms of communication, computation and key storage.
许多使用无线传感器网络(wsn)的应用需要本质上安全的通信。然而,由于通信和硬件能力的限制,无线传感器网络存在一些固有的弱点。密钥管理是实现无线传感器网络安全目标的重要组成部分。现有的大多数研究都试图在同构网络架构下分配密钥。近年来,人们提出了几种异构无线传感器网络的密钥管理模型。在本研究中,作者提出了一种基于椭圆曲线加密和签名加密的异构无线传感器网络动态密钥管理框架。该方案具有网络可扩展性和传感器节点(SN)的移动性,特别是在液体环境中。此外,还提出了一种防止SN泄露的周期认证和新的注册机制。作者分析了一些更有影响力的分层异构WSN密钥管理方案,并将它们与所提出的方案进行了比较。通过与已有的分层异构WSN密钥管理方案的比较,分别证明了该框架在通信、计算和密钥存储方面具有更好的性能。
{"title":"Dynamic and secure key management model for hierarchical heterogeneous sensor networks","authors":"Mahdi R. Alaghband, M. Aref","doi":"10.1049/iet-ifs.2012.0144","DOIUrl":"https://doi.org/10.1049/iet-ifs.2012.0144","url":null,"abstract":"Many applications that utilise wireless sensor networks (WSNs) require essentially secure communication. However, WSNs suffer from some inherent weaknesses because of restricted communication and hardware capabilities. Key management is the crucial important building block for all security goals in WSNs. Most existing researches tried to assign keys assuming homogeneous network architecture. Recently, a few key management models for heterogeneous WSNs have been proposed. In this study, the authors propose a dynamic key management framework based on elliptical curve cryptography and signcryption method for heterogeneous WSNs. The proposed scheme has network scalability and sensor node (SN) mobility especially in liquid environments. Moreover, both periodic authentication and a new registration mechanism are proposed through prevention of SN compromise. The authors analyse some of the more seminal hierarchical heterogeneous WSN key management schemes and compare them with the proposed scheme. On comparing the proposed scheme with the more seminal hierarchical heterogeneous WSN key management schemes, the proposed framework individually proves to be better in terms of communication, computation and key storage.","PeriodicalId":13305,"journal":{"name":"IET Inf. Secur.","volume":"37 1","pages":"271-280"},"PeriodicalIF":0.0,"publicationDate":"2012-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87966429","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 66
Critical survey of existing publicly verifiable secret sharing schemes 对现有可公开验证的秘密共享方案的关键调查
Pub Date : 2012-12-01 DOI: 10.1049/iet-ifs.2011.0201
Kun Peng
The existing publicly verifiable secret sharing (PVSS) schemes are surveyed in a critical way in this study. The authors show that they are not so reliable and efficient as they claim or appear. They are limited by assumptions and conditions, vulnerable in important target properties and need more cost in practice. In this study, their actual performance and cost are fairly measured and their drawbacks are pointed out.
本文对现有的可公开验证的秘密共享(PVSS)方案进行了综述。作者表明,他们并不像他们声称或表现的那样可靠和高效。它们受到假设和条件的限制,在重要的目标属性上容易受到攻击,并且在实际应用中需要更多的成本。在本研究中,公平地衡量了它们的实际性能和成本,并指出了它们的缺点。
{"title":"Critical survey of existing publicly verifiable secret sharing schemes","authors":"Kun Peng","doi":"10.1049/iet-ifs.2011.0201","DOIUrl":"https://doi.org/10.1049/iet-ifs.2011.0201","url":null,"abstract":"The existing publicly verifiable secret sharing (PVSS) schemes are surveyed in a critical way in this study. The authors show that they are not so reliable and efficient as they claim or appear. They are limited by assumptions and conditions, vulnerable in important target properties and need more cost in practice. In this study, their actual performance and cost are fairly measured and their drawbacks are pointed out.","PeriodicalId":13305,"journal":{"name":"IET Inf. Secur.","volume":"117 1","pages":"249-257"},"PeriodicalIF":0.0,"publicationDate":"2012-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75758832","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 13
Low-complexity Gaussian normal basis multiplier over GF(2m) GF(2m)上的低复杂度高斯正态基乘法器
Pub Date : 2012-12-01 DOI: 10.1049/iet-ifs.2012.0110
C. Chiou, H. Chang, Wen-Yew Liang, Chiou-Yng Lee, Jim-Min Lin, Yun-Chi Yeh
The elliptic curve cryptosystem (ECC) is very attractive for the use in portable devices because of the small key size. The finite field multiplication over GF(2 m ) is the most important arithmetic for performing the ECC. Portable devices usually have restricted computation power and memory resources. This work will present a simple method for designing a Gaussian normal basis (GNB) multiplier over GF(2 m ) needing only fewer computation power whereas keeping lower cost. The proposed Gaussian NB multiplier saves � 57% space complexity as compared with existing GNB multiplier.
椭圆曲线密码系统(ECC)由于密钥尺寸小,在便携式设备中应用非常有吸引力。在GF(2m)上的有限域乘法是实现ECC的最重要算法。便携式设备通常具有有限的计算能力和内存资源。这项工作将提出一种简单的方法来设计一个高斯正态基(GNB)乘法器在GF(2 m)上,只需要更少的计算能力,同时保持更低的成本。与现有的GNB乘法器相比,所提出的高斯NB乘法器节省了57%的空间复杂度。
{"title":"Low-complexity Gaussian normal basis multiplier over GF(2m)","authors":"C. Chiou, H. Chang, Wen-Yew Liang, Chiou-Yng Lee, Jim-Min Lin, Yun-Chi Yeh","doi":"10.1049/iet-ifs.2012.0110","DOIUrl":"https://doi.org/10.1049/iet-ifs.2012.0110","url":null,"abstract":"The elliptic curve cryptosystem (ECC) is very attractive for the use in portable devices because of the small key size. The finite field multiplication over GF(2 m ) is the most important arithmetic for performing the ECC. Portable devices usually have restricted computation power and memory resources. This work will present a simple method for designing a Gaussian normal basis (GNB) multiplier over GF(2 m ) needing only fewer computation power whereas keeping lower cost. The proposed Gaussian NB multiplier saves � 57% space complexity as compared with existing GNB multiplier.","PeriodicalId":13305,"journal":{"name":"IET Inf. Secur.","volume":"218 0 1","pages":"310-317"},"PeriodicalIF":0.0,"publicationDate":"2012-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79559570","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 16
Analytical framework for measuring network security using exploit dependency graph 基于漏洞依赖图的网络安全度量分析框架
Pub Date : 2012-12-01 DOI: 10.1049/iet-ifs.2011.0103
P. Bhattacharya, S. K. Ghosh
Attack graph is a popular tool for modelling multi-staged, correlated attacks on computer networks. Attack graphs have been widely used for measuring network security risks. Majority of the works on attack graph use host-based or state-based approaches. These attack graph models are either too restrictive or too resource consuming. Also, a significant portion of these works have used ‘probability of successfully exploiting a network’ as the metric. This approach requires that the ‘probability of successfully exploiting individual vulnerabilities’ be known a priori. Finding such probabilities is inherently difficult. This present study uses exploit dependency graph, which is a space efficient and expressive attack graph model. It also associates an additive cost with executing individual exploits, and defines a security metric in terms of the ‘minimum cost required to successfully exploit the network’. The problem of calculating the said metric is proved to be NP-complete. A modified depth first branch and bound algorithm has been described for calculating it. This study also formulates, a linear-time computable, security metric in terms of the ‘expected cost required to successfully exploit the network’ assuming a random attacker model and an uncorrelated attack graph.
攻击图是一种流行的工具,用于对计算机网络上的多阶段、相关攻击进行建模。攻击图被广泛用于衡量网络安全风险。攻击图的大部分工作使用基于主机或基于状态的方法。这些攻击图模型要么过于严格,要么过于消耗资源。此外,这些作品中有很大一部分使用“成功利用网络的概率”作为度量标准。这种方法需要先验地知道“成功利用单个漏洞的概率”。找到这样的概率本来就很困难。利用依赖图是一种空间高效、表达能力强的攻击图模型。它还将附加成本与执行单个攻击联系起来,并根据“成功利用网络所需的最小成本”定义了安全度量。证明了该度量的计算问题是np完全的。提出了一种改进的深度优先分支定界算法。本研究还根据“成功利用网络所需的预期成本”假设一个随机攻击者模型和一个不相关的攻击图,制定了一个线性时间可计算的安全度量。
{"title":"Analytical framework for measuring network security using exploit dependency graph","authors":"P. Bhattacharya, S. K. Ghosh","doi":"10.1049/iet-ifs.2011.0103","DOIUrl":"https://doi.org/10.1049/iet-ifs.2011.0103","url":null,"abstract":"Attack graph is a popular tool for modelling multi-staged, correlated attacks on computer networks. Attack graphs have been widely used for measuring network security risks. Majority of the works on attack graph use host-based or state-based approaches. These attack graph models are either too restrictive or too resource consuming. Also, a significant portion of these works have used ‘probability of successfully exploiting a network’ as the metric. This approach requires that the ‘probability of successfully exploiting individual vulnerabilities’ be known a priori. Finding such probabilities is inherently difficult. This present study uses exploit dependency graph, which is a space efficient and expressive attack graph model. It also associates an additive cost with executing individual exploits, and defines a security metric in terms of the ‘minimum cost required to successfully exploit the network’. The problem of calculating the said metric is proved to be NP-complete. A modified depth first branch and bound algorithm has been described for calculating it. This study also formulates, a linear-time computable, security metric in terms of the ‘expected cost required to successfully exploit the network’ assuming a random attacker model and an uncorrelated attack graph.","PeriodicalId":13305,"journal":{"name":"IET Inf. Secur.","volume":"102 1","pages":"264-270"},"PeriodicalIF":0.0,"publicationDate":"2012-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79572828","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 12
Low-complexity design of bit-parallel dual-basis multiplier over GF(2m) GF(2m)上位并行双基乘法器的低复杂度设计
Pub Date : 2012-12-01 DOI: 10.1049/iet-ifs.2012.0210
Jenq-Haur Wang, H. Chang, C. Chiou, Wen-Yew Liang
Recently, information security is heavily dependent on cryptosystems such as Rivest-Shamir-Adleman algorithm (RSA algorithm) and elliptic curve cryptosystem (ECC). RSA can provide higher security level than ECC, but it is not suitable for the resource-constrained devices such as smart phones or embedded system. Thus, ECC is attracted on application in resource-constrained devices because it can achieve the same security level, but uses less key length than RSA. Galois or finite field multiplication is the core arithmetic operation of ECC. There are three popular bases in the finite field over GF(2m), polynomial basis, normal basis and dual basis (DB). Each basis representation has its own advantages. In this study, the authors will introduce a low-complexity bit-parallel DB multiplier using the multiplexer approach. Compared with the related work, our design saves up to 60% of space complexity.
目前,信息安全在很大程度上依赖于Rivest-Shamir-Adleman算法(RSA)和椭圆曲线密码系统(ECC)等密码系统。RSA可以提供比ECC更高的安全级别,但不适合智能手机或嵌入式系统等资源受限的设备。因此,ECC可以达到相同的安全级别,但使用的密钥长度比RSA少,因此在资源受限的设备中得到了应用。伽罗瓦或有限域乘法是ECC的核心算术运算。GF(2m)有限域上常用的基有三种:多项式基、正规基和对偶基(DB)。每种基表示都有自己的优点。在本研究中,作者将介绍一种使用多路复用器方法的低复杂度位并行DB乘法器。与相关工作相比,我们的设计节省了高达60%的空间复杂性。
{"title":"Low-complexity design of bit-parallel dual-basis multiplier over GF(2m)","authors":"Jenq-Haur Wang, H. Chang, C. Chiou, Wen-Yew Liang","doi":"10.1049/iet-ifs.2012.0210","DOIUrl":"https://doi.org/10.1049/iet-ifs.2012.0210","url":null,"abstract":"Recently, information security is heavily dependent on cryptosystems such as Rivest-Shamir-Adleman algorithm (RSA algorithm) and elliptic curve cryptosystem (ECC). RSA can provide higher security level than ECC, but it is not suitable for the resource-constrained devices such as smart phones or embedded system. Thus, ECC is attracted on application in resource-constrained devices because it can achieve the same security level, but uses less key length than RSA. Galois or finite field multiplication is the core arithmetic operation of ECC. There are three popular bases in the finite field over GF(2m), polynomial basis, normal basis and dual basis (DB). Each basis representation has its own advantages. In this study, the authors will introduce a low-complexity bit-parallel DB multiplier using the multiplexer approach. Compared with the related work, our design saves up to 60% of space complexity.","PeriodicalId":13305,"journal":{"name":"IET Inf. Secur.","volume":"42 1","pages":"324-328"},"PeriodicalIF":0.0,"publicationDate":"2012-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86975220","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
期刊
IET Inf. Secur.
全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1